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CLAIMS 

What is claimed: 

1. A network system for policy provisioning and access managing, the system 
comprising in combination: 

5 a first network device for marking an incoming message with an identifier of a network 

access device; 

a second network device for policy provisioning and access managing, wherein the 

v3 second network device intercepting the incoming message prior to at least one first protocol 

ft « 

L?f server receives the incoming message, identifying a network device using the identifier and 

ru 

ijlO managing an assignment of a plurality of configuration settings based on the identifier; and 

5 * a database for storing a plurality of configuration information records, wherein each 

M 

r* record includes an identifier of a network access device and a plurality of configuration 

ry 

N information settings constructed based on a service level agreement associated with the identifier 
of each record. 

15 

2. The system as claimed in Claim 1, wherein the first network device comprises a 
cable modem termination system. 

3. The system as claimed in Claim 1, wherein the network access device comprises a 
20 cable modem, and the identifier associated with the network access device comprises a Medium 

Access Control address of the cable modem. 



4. The system as claimed in Claim 1, wherein the incoming message comprises a 
Dynamic Host Configuration Protocol message. 
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5. The system as claimed in Claim 1, wherein the at least one first protocol server 
comprises at least one Dynamic Host Configuration Protocol server. 

6. The system as claimed in Claim 1, wherein the configuration information 
comprises a service provider identifier associated with the network access device of the record. 



\f 7. The system as claimed in Claim 6, wherein the second network device uses the 

ry 

fU service provider identifier to forward the incoming message to a service provider associated with 

y 0 the identifier, the service provider comprising a Dynamic Host Configuration Protocol server. 



t . 

ry 

O 
O 



8. The system as claimed in Claim 1, wherein the configuration information 
comprises a configuration file identifier associated with the network access device of the record. 



15 9. The system as claimed in Claim 8, wherein the configuration file identifier maps 

to a path of a configuration file on a second protocol server, the second protocol server 
comprising a Trivial File Transfer Protocol server, and the second network device inserts the 
path of the configuration file into the incoming message. 

20 10. The system as claimed in Claim 1, wherein the configuration information 

comprises a class of service parameter associated with the network access device of the record. 

11. The system as claimed in Claim 10, wherein the second network device uses the 
class of service parameter to redirect the incoming message and to assign an Internet Protocol 
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address to a network device associated with the network access device from an Internet Protocol 
address pool associated with the class of service parameter. 



12. The system as claimed in Claim 11, wherein the network device associated with 
5 the network access device is a customer premises equipment entity. 

13. The system as claimed in Claim 1, wherein the database comprises a record of 

! 

3 partial identifiers associated with network access devices that have an access to the data-over- 

.J* cable system. 

nJ 

s 14. The system as claimed in Claim 13, wherein the second network device uses the 

H record of partial identifiers to determine whether the network access device has an access in the 

*M data-over-cable system and if the network device is not allowed, rejecting the first incoming 

Q 

*3 message on the second network device. 

15. The system as claimed in Claim 13, wherein each partial identifier comprises a 
prefix value of a Medium Access Control network address associated with the network access 
device. 



15 



20 16. The system as claimed in Claim 1, further comprising a graphical user interface in 

communication with the second network device, wherein the graphical user interface comprises a 
plurality of administration tools for managing the configuration information records stored in the 
database and for managing a plurality of global server configuration options for network devices. 
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17. The system as claimed in Claim 16, wherein the plurality of global configuration 
options comprises a plurality of default settings for a plurality of network devices for which 
configuration records are not stored in the database. 

18. The system as claimed in Claim 1, wherein the network system comprises a data- 
over-cable system, an Asynchronous Transfer Mode protocol system, an Asymmetric Digital 
Subscriber Line protocol system, a Voice over Internet Protocol system, a Point to Point Protocol 
over Ethernet system, an Internet Protocol system or a broadband wireless system. 



l7i0 19. In a data-over-cable system comprising a plurality of network devices, a method 

I 

s for policy provisioning and access managing, the method comprising: 



receiving a first message on a first network device from a second network device and 
marking the first message with an identifier of a network access device; 

intercepting the first message on a third network device prior to at least one first protocol 
15 server receiving the first message; 

determining an identity of the second network device using the identifier in the first 
message; and 

managing an assignment of configuration parameters for the second network device 
based on the identifier of the network access device. 



20. The method as claimed in Claim 19, wherein the first network device comprises a 
cable modem termination system. 
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21. The method as claimed in Claim 19, wherein the third network device comprises a 
policy and access manager network device. 



22. The method as claimed in Claim 19, wherein the first protocol server comprises a 
5 Dynamic Host Configuration Protocol server. 



Q 



23. The method as claimed in Claim 19, the second network device comprises a cable 
modem, and the identifier of the network access device comprises an identifier of the cable 

ru 

fy modem. 
Wo 

f 24. The method as claimed in Claim 19, wherein the second network device 

\?. comprises a customer premises equipment device, and the identifier of the network access device 
fU 

comprises an identifier of a cable modem associated with the customer premises equipment 
device. 

15 

25. The method as claimed in Claim 19, wherein the identifier of the network access 
device comprises a Medium Access Control address of the network access device. 



26. The method as claimed in Claim 19, wherein the step of managing the assignment 
20 of the configuration parameters comprises: 

establishing a plurality of configuration records in a database, wherein each record 
comprises an identifier of a network access device and a plurality of configuration settings 
associated with the identifier in each record; 
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querying the database by the third network device for a record associated with the 
identifier in the first message; and 

managing the assignment of the configuration records on the third network device based 
on the record retrieved from the database. 

27. The method as claimed in Claim 26, wherein the plurality of configuration 
settings associated with the identifier in each record comprise a configuration file identifier with 
a path of a configuration file on a second protocol server, the second protocol server comprising 



fy a Trivial File Transfer Protocol server. 



28. The method as claimed in Claim 27, further comprising, inserting the path of the 
configuration file on the second protocol server into the first message. 



29. The method as claimed in Claim 26, wherein the plurality of configuration 
15 settings associated with the identifier in each record comprises an identifier of a service provider. 

30. The method as claimed in Claim 26, further comprising, forwarding the first 
message to the service provider based on the identifier of the service provider 

20 31. The method as claimed in Claim 26, wherein the plurality of configuration 

settings associated with the identifier in the record comprises class of service settings. 
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32. The method as claimed in Claim 31, further comprising, assigning an Internet 
Protocol address from an Internet Protocol address pool associated with the class of service 
setting. 



5 33. The method as claimed in Claim 19, wherein the step of managing the assignment 

of the configuration parameters further comprises: 

establishing a record of partial identifiers associated with network access devices having 

13 

^9 an access to the data-over-cable network; and 

%i based on the identifier in the first message and the record of partial identifiers, 

5 JO determining whether the network access device is an allowed network. 

M 

M 34. The method as claimed in Claim 33, wherein each partial identifier comprises a 

ru 

^ prefix of a Medium Access Control address of a network access device having the access to the 
^ data-over-cable network. 

35. The method as claimed in Claim 19, further comprising, managing the 
configuration record using a graphical user interface in communication with the third network 
device. 



15 



20 36. The method as claimed in Claim 19, further comprising, establishing a default 

configuration record for network access devices not having a unique record in the database. 

37. A computer readable medium having stored therein instructions for causing a 
central processing unit to execute the steps of Claim 19. 
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